From c4b23235460ed6911931dab0bdc2fbb7c33f572f Mon Sep 17 00:00:00 2001 From: Jean-Baptiste DONNETTE Date: Thu, 3 Oct 2024 15:42:44 +0200 Subject: [PATCH] refactor: improve environment variables management by using common and specific anchors --- docker-compose.yml | 115 +++++++++++++++++++++++---------------------- env | 4 -- 2 files changed, 60 insertions(+), 59 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index e0bdf81..a7c4551 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,10 +1,52 @@ -version: '3.8' - volumes: lago_postgres_data: lago_redis_data: lago_storage_data: +x-common-environment: &common-environment + LAGO_API_URL: ${LAGO_API_URL} + REDIS_PASSWORD: ${REDIS_PASSWORD} + SECRET_KEY_BASE: ${SECRET_KEY_BASE} + RAILS_ENV: ${RAILS_ENV} + RAILS_LOG_TO_STDOUT: ${LAGO_RAILS_STDOUT} + SENTRY_DSN: ${SENTRY_DSN} + LAGO_FRONT_URL: ${LAGO_FRONT_URL} + LAGO_RSA_PRIVATE_KEY: ${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + LAGO_ENCRYPTION_PRIMARY_KEY: ${LAGO_ENCRYPTION_PRIMARY_KEY} + LAGO_ENCRYPTION_DETERMINISTIC_KEY: ${LAGO_ENCRYPTION_DETERMINISTIC_KEY} + LAGO_ENCRYPTION_KEY_DERIVATION_SALT: ${LAGO_ENCRYPTION_KEY_DERIVATION_SALT} + LAGO_USE_AWS_S3: ${LAGO_USE_AWS_S3} + LAGO_AWS_S3_ACCESS_KEY_ID: ${LAGO_AWS_S3_ACCESS_KEY_ID} + LAGO_AWS_S3_SECRET_ACCESS_KEY: ${LAGO_AWS_S3_SECRET_ACCESS_KEY} + LAGO_AWS_S3_REGION: ${LAGO_AWS_S3_REGION} + LAGO_AWS_S3_BUCKET: ${LAGO_AWS_S3_BUCKET} + LAGO_AWS_S3_ENDPOINT: ${LAGO_AWS_S3_ENDPOINT} + LAGO_USE_GCS: ${LAGO_USE_GCS} + LAGO_GCS_PROJECT: ${LAGO_GCS_PROJECT} + LAGO_GCS_BUCKET: ${LAGO_GCS_BUCKET} + LAGO_PDF_URL: ${LAGO_PDF_URL} + LAGO_REDIS_CACHE_PASSWORD: ${LAGO_REDIS_CACHE_PASSWORD} + LAGO_DISABLE_SEGMENT: ${LAGO_DISABLE_SEGMENT} + LAGO_DISABLE_WALLET_REFRESH: ${LAGO_DISABLE_WALLET_REFRESH} + NANGO_SECRET_KEY: ${NANGO_SECRET_KEY} + LAGO_LICENSE: ${LAGO_LICENSE} + +x-api-environment: &api-environment + <<: *common-environment + LAGO_SIDEKIQ_WEB: ${LAGO_SIDEKIQ_WEB} + LAGO_OAUTH_PROXY_URL: ${LAGO_OAUTH_PROXY_URL} + GOOGLE_AUTH_CLIENT_ID: ${GOOGLE_AUTH_CLIENT_ID} + GOOGLE_AUTH_CLIENT_SECRET: ${GOOGLE_AUTH_CLIENT_SECRET} + +x-front-environment: &front-environment + API_URL: ${LAGO_API_URL} + APP_ENV: ${APP_ENV} + LAGO_DISABLE_SIGNUP: ${LAGO_DISABLE_SIGNUP} + LAGO_OAUTH_PROXY_URL: ${LAGO_OAUTH_PROXY_URL} + SENTRY_DSN: ${SENTRY_DSN_FRONT} + NANGO_SECRET_KEY: ${NANGO_SECRET_KEY} + + services: db: image: postgres:14-alpine @@ -60,7 +102,8 @@ services: # start_interval: 2s environment: <<: *api-environment - + DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?search_path=${POSTGRES_SCHEMA}" + REDIS_URL: "redis://${REDIS_HOST}:${REDIS_PORT}" volumes: - lago_storage_data:/app/storage # If using GCS, you need to put the credentials keyfile here @@ -68,6 +111,7 @@ services: ports: - ${API_PORT}:3000 + front: container_name: lago-front image: getlago/front:v1.12.2 @@ -77,6 +121,7 @@ services: condition: service_healthy environment: <<: *front-environment + ports: - ${FRONT_PORT}:80 healthcheck: @@ -98,6 +143,9 @@ services: test: ['CMD-SHELL', 'bundle exec sidekiqmon | grep $(hostname) || exit 1'] environment: <<: *common-environment + LAGO_REDIS_CACHE_URL: "redis://${LAGO_REDIS_CACHE_HOST}:${LAGO_REDIS_CACHE_PORT}" + DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?search_path=${POSTGRES_SCHEMA}" + REDIS_URL: "redis://${REDIS_HOST}:${REDIS_PORT}" # SIDEKIQ_EVENTS: ${SIDEKIQ_EVENTS} # SIDEKIQ_PDFS: ${SIDEKIQ_PDFS} volumes: @@ -113,6 +161,9 @@ services: command: ['./scripts/start.clock.sh'] environment: <<: *common-environment + LAGO_REDIS_CACHE_URL: "redis://${LAGO_REDIS_CACHE_HOST}:${LAGO_REDIS_CACHE_PORT}" + DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?search_path=${POSTGRES_SCHEMA}" + REDIS_URL: "redis://${REDIS_HOST}:${REDIS_PORT}" pdf: image: getlago/lago-gotenberg:7.8.2 @@ -129,61 +180,15 @@ services: volumes: - lago_storage_data:/app/storage environment: - - RAILS_ENV=${RAILS_ENV} - - SECRET_KEY_BASE=${SECRET_KEY_BASE} - - RSA_PRIVATE_KEY=${RSA_PRIVATE_KEY} # Should be base64 encoded - - LAGO_RSA_PRIVATE_KEY=${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded - - DATABASE_URL=${DATABASE_URL} - - REDIS_URL=${REDIS_URL} - - REDIS_PASSWORD=${REDIS_PASSWORD} + RAILS_ENV: ${RAILS_ENV} + SECRET_KEY_BASE: ${SECRET_KEY_BASE} + LAGO_RSA_PRIVATE_KEY: ${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded + DATABASE_URL: "postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?search_path=${POSTGRES_SCHEMA}" + REDIS_URL: "redis://${REDIS_HOST}:${REDIS_PORT}" + REDIS_PASSWORD: ${REDIS_PASSWORD} -x-common-environment: &common-environment - LAGO_API_URL: ${LAGO_API_URL} - DATABASE_URL: ${DATABASE_URL} - REDIS_URL: ${REDIS_URL} - REDIS_PASSWORD: ${REDIS_PASSWORD} - SECRET_KEY_BASE: ${SECRET_KEY_BASE} - RAILS_ENV: ${RAILS_ENV} - RAILS_LOG_TO_STDOUT: ${LAGO_RAILS_STDOUT} - SENTRY_DSN: ${SENTRY_DSN} - LAGO_FRONT_URL: ${LAGO_FRONT_URL} - RSA_PRIVATE_KEY: ${RSA_PRIVATE_KEY} # Should be base64 encoded - LAGO_RSA_PRIVATE_KEY: ${LAGO_RSA_PRIVATE_KEY} # Should be base64 encoded - LAGO_ENCRYPTION_PRIMARY_KEY: ${LAGO_ENCRYPTION_PRIMARY_KEY} - LAGO_ENCRYPTION_DETERMINISTIC_KEY: ${LAGO_ENCRYPTION_DETERMINISTIC_KEY} - LAGO_ENCRYPTION_KEY_DERIVATION_SALT: ${LAGO_ENCRYPTION_KEY_DERIVATION_SALT} - LAGO_USE_AWS_S3: ${LAGO_USE_AWS_S3} - LAGO_AWS_S3_ACCESS_KEY_ID: ${LAGO_AWS_S3_ACCESS_KEY_ID} - LAGO_AWS_S3_SECRET_ACCESS_KEY: ${LAGO_AWS_S3_SECRET_ACCESS_KEY} - LAGO_AWS_S3_REGION: ${LAGO_AWS_S3_REGION} - LAGO_AWS_S3_BUCKET: ${LAGO_AWS_S3_BUCKET} - LAGO_AWS_S3_ENDPOINT: ${LAGO_AWS_S3_ENDPOINT} - LAGO_USE_GCS: ${LAGO_USE_GCS} - LAGO_GCS_PROJECT: ${LAGO_GCS_PROJECT} - LAGO_GCS_BUCKET: ${LAGO_GCS_BUCKET} - LAGO_PDF_URL: ${LAGO_PDF_URL} - LAGO_REDIS_CACHE_URL: ${LAGO_REDIS_CACHE_URL} - LAGO_REDIS_CACHE_PASSWORD: ${LAGO_REDIS_CACHE_PASSWORD} - LAGO_DISABLE_SEGMENT: ${LAGO_DISABLE_SEGMENT} - LAGO_DISABLE_WALLET_REFRESH: ${LAGO_DISABLE_WALLET_REFRESH} - NANGO_SECRET_KEY: ${NANGO_SECRET_KEY} - LAGO_LICENSE: ${LAGO_LICENSE} -x-api-environment: &api-environment - <<: *common-environment - LAGO_SIDEKIQ_WEB: ${LAGO_SIDEKIQ_WEB} - LAGO_OAUTH_PROXY_URL: ${LAGO_OAUTH_PROXY_URL} - GOOGLE_AUTH_CLIENT_ID: ${GOOGLE_AUTH_CLIENT_ID} - GOOGLE_AUTH_CLIENT_SECRET: ${GOOGLE_AUTH_CLIENT_SECRET} - -x-front-environment: &front-environment - API_URL: ${LAGO_API_URL} - APP_ENV: ${APP_ENV} - LAGO_DISABLE_SIGNUP: ${LAGO_DISABLE_SIGNUP} - LAGO_OAUTH_PROXY_URL: ${LAGO_OAUTH_PROXY_URL} - SENTRY_DSN: ${SENTRY_DSN_FRONT} - NANGO_SECRET_KEY: ${NANGO_SECRET_KEY} # You can uncomment this if you want to use a dedicated Sidekiq worker for the event ingestion. diff --git a/env b/env index 9a83b51..cf81b77 100644 --- a/env +++ b/env @@ -21,8 +21,6 @@ FRONT_PORT=80 # Lago API Configuration LAGO_API_URL=http://localhost:3000 -DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}?search_path=${POSTGRES_SCHEMA} -REDIS_URL=redis://${REDIS_HOST}:${REDIS_PORT} SECRET_KEY_BASE=your-secret-key-base-hex-64 RAILS_ENV=production LAGO_RAILS_STDOUT=true @@ -32,7 +30,6 @@ LAGO_DISABLE_SIGNUP=false APP_ENV=production # Encryption Keys -RSA_PRIVATE_KEY= LAGO_RSA_PRIVATE_KEY= LAGO_ENCRYPTION_PRIMARY_KEY=your-encryption-primary-key LAGO_ENCRYPTION_DETERMINISTIC_KEY=your-encryption-deterministic-key @@ -55,7 +52,6 @@ LAGO_GCS_BUCKET= LAGO_REDIS_CACHE_HOST=redis LAGO_REDIS_CACHE_PORT=6379 LAGO_REDIS_CACHE_PASSWORD= -LAGO_REDIS_CACHE_URL=redis://${LAGO_REDIS_CACHE_HOST}:${LAGO_REDIS_CACHE_PORT} # Sentry Configuration SENTRY_DSN=